BBS:      TELESC.NET.BR
Assunto:  Re: All terminal nodes in-use
De:       Gamgee
Data:     Sun, 3 May 2026 08:55:50 -0500
-----------------------------------------------------------
-=> Denn wrote to Morpheus <=-

 Mo> I've recently started having problems with remote sites opening all
 Mo> available nodes, tying up my BBS. I have 12 nodes configured, and all 12
 Mo> will be sitting at the login prompt and all from the same IP.  I have been
 Mo> blocking entire blocks of IP addresses at my router, and more keep
 Mo> cropping up.  Lately there have been 75 or 80 different addresses each day
 Mo> now.  I have been blocking entire CIDR ranges after looking up the ASN and
 Mo> blocking all of their addresses.

 De> have you tried fail2ban?

I have thought about trying fail2ban many times, but just haven't ever 
had the need, although this recent bot crap is making me think about it 
again.

I'm in need of some info, which surprisingly can't seem to find good 
answers for by searching.  Here are a few questions I have if anyone 
could answer them:

1.  I understand it monitors log(s) and then adds lines/rules to 
iptables to block/ban that IP address.  But... what if you're not using 
iptables on the BBS computer?  I'm not, because why would I be?  It's 
behind a router/firewall already and isn't needed in my experience.  
So... how can I use fail2ban?  

2.  Is the answer to #1 to *start* using iptables?  That sounds simple, 
but a quick look into that revealed a horribly complicated setup/config 
file just to get it going.

So I'd be appreciative of a "Fail2ban for Dummies" type of setup guide, 
and especially on how to initially set up iptables for this use.

Thanks in advance.



... Gone crazy, be back later, please leave message.
--- MultiMail/Linux v0.52
  Synchronet  Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

-----------------------------------------------------------
[Voltar]